tags. * * @param $name file name * @return array merged tags from config/$name.php */ function loadConfig($name = 'tags') { if (file_exists(CONFIGS . $name .'.php')) { require(CONFIGS . $name .'.php'); if (isset($tags)) { $this->tags = array_merge($this->tags, $tags); } } return $this->tags; } /** * Finds URL for specified action. * * Returns an URL pointing to a combination of controller and action. Param * $url can be: * + Empty - the method will find adress to actuall controller/action. * + '/' - the method will find base URL of application. * + A combination of controller/action - the method will find url for it. * * @param mixed $url Cake-relative URL, like "/products/edit/92" or "/presidents/elect/4" * or an array specifying any of the following: 'controller', 'action', * and/or 'plugin', in addition to named arguments (keyed array elements), * and standard URL arguments (indexed array elements) * @param boolean $full If true, the full base URL will be prepended to the result * @return string Full translated URL with base path. */ function url($url = null, $full = false) { return h(Router::url($url, $full)); } /** * Checks if a file exists when theme is used, if no file is found default location is returned * * @param string $file * @return string $webPath web path to file. */ function webroot($file) { $asset = explode('?', $file); $asset[1] = isset($asset[1]) ? '?' . $asset[1] : null; $webPath = "{$this->webroot}" . $asset[0]; if (!empty($this->theme)) { $viewPaths = App::path('views'); foreach ($viewPaths as $viewPath) { $path = $viewPath . 'themed'. DS . $this->theme . DS . 'webroot' . DS . $asset[0]; $theme = $this->theme . '/'; if (file_exists($path)) { $webPath = "{$this->webroot}theme/" . $theme . $asset[0]; break; } } } if (strpos($webPath, '//') !== false) { return str_replace('//', '/', $webPath); } return $webPath . $asset[1]; } /** * Adds a timestamp to a file based resource based on the value of `Asset.timestamp` in * Configure. If Asset.timestamp is true and debug > 0, or Asset.timestamp == 'force' * a timestamp will be added. * * @param string $path The file path to timestamp, the path must be inside WWW_ROOT * @return string Path with a timestamp added, or not. */ function assetTimestamp($path) { $timestampEnabled = ( (Configure::read('Asset.timestamp') === true && Configure::read() > 0) || Configure::read('Asset.timestamp') === 'force' ); if (strpos($path, '?') === false && $timestampEnabled) { $path .= '?' . @filemtime(WWW_ROOT . str_replace('/', DS, $path)); } return $path; } /** * Used to remove harmful tags from content * * @param mixed $output * @return cleaned content for output * @access public */ function clean($output) { $this->__reset(); if (empty($output)) { return null; } if (is_array($output)) { foreach ($output as $key => $value) { $return[$key] = $this->clean($value); } return $return; } $this->__tainted = $output; $this->__clean(); return $this->__cleaned; } /** * Returns a space-delimited string with items of the $options array. If a * key of $options array happens to be one of: * * - 'compact' * - 'checked' * - 'declare' * - 'readonly' * - 'disabled' * - 'selected' * - 'defer' * - 'ismap' * - 'nohref' * - 'noshade' * - 'nowrap' * - 'multiple' * - 'noresize' * * And its value is one of: * * - 1 * - true * - 'true' * * Then the value will be reset to be identical with key's name. * If the value is not one of these 3, the parameter is not output. * * 'escape' is a special option in that it controls the conversion of * attributes to their html-entity encoded equivalents. Set to false to disable html-encoding. * * @param array $options Array of options. * @param array $exclude Array of options to be excluded, the options here will not be part of the return. * @param string $insertBefore String to be inserted before options. * @param string $insertAfter String to be inserted ater options. * @return string Composed attributes. */ function _parseAttributes($options, $exclude = null, $insertBefore = ' ', $insertAfter = null) { if (is_array($options)) { $options = array_merge(array('escape' => true), $options); if (!is_array($exclude)) { $exclude = array(); } $keys = array_diff(array_keys($options), array_merge((array)$exclude, array('escape'))); $values = array_intersect_key(array_values($options), $keys); $escape = $options['escape']; $attributes = array(); foreach ($keys as $index => $key) { $attributes[] = $this->__formatAttribute($key, $values[$index], $escape); } $out = implode(' ', $attributes); } else { $out = $options; } return $out ? $insertBefore . $out . $insertAfter : ''; } /** * Formats an individual attribute, and returns the string value of the composed attribute. * * @param string $key The name of the attribute to create * @param string $value The value of the attribute to create. * @return string The composed attribute. * @access private */ function __formatAttribute($key, $value, $escape = true) { $attribute = ''; $attributeFormat = '%s="%s"'; $minimizedAttributes = array('compact', 'checked', 'declare', 'readonly', 'disabled', 'selected', 'defer', 'ismap', 'nohref', 'noshade', 'nowrap', 'multiple', 'noresize'); if (is_array($value)) { $value = ''; } if (in_array($key, $minimizedAttributes)) { if ($value === 1 || $value === true || $value === 'true' || $value == $key) { $attribute = sprintf($attributeFormat, $key, $key); } } else { $attribute = sprintf($attributeFormat, $key, ($escape ? h($value) : $value)); } return $attribute; } /** * Sets this helper's model and field properties to the dot-separated value-pair in $entity. * * @param mixed $entity A field name, like "ModelName.fieldName" or "ModelName.ID.fieldName" * @param boolean $setScope Sets the view scope to the model specified in $tagValue * @return void */ function setEntity($entity, $setScope = false) { $view =& ClassRegistry::getObject('view'); if ($setScope) { $view->modelScope = false; } elseif (!empty($view->entityPath) && $view->entityPath == $entity) { return; } if ($entity === null) { $view->model = null; $view->association = null; $view->modelId = null; $view->modelScope = false; $view->entityPath = null; return; } $view->entityPath = $entity; $model = $view->model; $sameScope = $hasField = false; $parts = array_values(Set::filter(explode('.', $entity), true)); if (empty($parts)) { return; } $count = count($parts); if ($count === 1) { $sameScope = true; } else { if (is_numeric($parts[0])) { $sameScope = true; } $reverse = array_reverse($parts); $field = array_shift($reverse); while(!empty($reverse)) { $subject = array_shift($reverse); if (is_numeric($subject)) { continue; } if (ClassRegistry::isKeySet($subject)) { $model = $subject; break; } } } if (ClassRegistry::isKeySet($model)) { $ModelObj =& ClassRegistry::getObject($model); for ($i = 0; $i < $count; $i++) { if ($ModelObj->hasField($parts[$i]) || array_key_exists($parts[$i], $ModelObj->validate)) { $hasField = $i; if ($hasField === 0 || ($hasField === 1 && is_numeric($parts[0]))) { $sameScope = true; } break; } } if ($sameScope === true && in_array($parts[0], array_keys($ModelObj->hasAndBelongsToMany))) { $sameScope = false; } } if (!$view->association && $parts[0] == $view->field && $view->field != $view->model) { array_unshift($parts, $model); $hasField = true; } $view->field = $view->modelId = $view->fieldSuffix = $view->association = null; switch (count($parts)) { case 1: if ($view->modelScope === false) { $view->model = $parts[0]; } else { $view->field = $parts[0]; if ($sameScope === false) { $view->association = $parts[0]; } } break; case 2: if ($view->modelScope === false) { list($view->model, $view->field) = $parts; } elseif ($sameScope === true && $hasField === 0) { list($view->field, $view->fieldSuffix) = $parts; } elseif ($sameScope === true && $hasField === 1) { list($view->modelId, $view->field) = $parts; } else { list($view->association, $view->field) = $parts; } break; case 3: if ($sameScope === true && $hasField === 1) { list($view->modelId, $view->field, $view->fieldSuffix) = $parts; } elseif ($hasField === 2) { list($view->association, $view->modelId, $view->field) = $parts; } else { list($view->association, $view->field, $view->fieldSuffix) = $parts; } break; case 4: if ($parts[0] === $view->model) { list($view->model, $view->modelId, $view->field, $view->fieldSuffix) = $parts; } else { list($view->association, $view->modelId, $view->field, $view->fieldSuffix) = $parts; } break; default: $reverse = array_reverse($parts); if ($hasField) { $view->field = $field; if (!is_numeric($reverse[1]) && $reverse[1] != $model) { $view->field = $reverse[1]; $view->fieldSuffix = $field; } } if (is_numeric($parts[0])) { $view->modelId = $parts[0]; } elseif ($view->model == $parts[0] && is_numeric($parts[1])) { $view->modelId = $parts[1]; } $view->association = $model; break; } if (!isset($view->model) || empty($view->model)) { $view->model = $view->association; $view->association = null; } elseif ($view->model === $view->association) { $view->association = null; } if ($setScope) { $view->modelScope = true; } } /** * Gets the currently-used model of the rendering context. * * @return string */ function model() { $view =& ClassRegistry::getObject('view'); if (!empty($view->association)) { return $view->association; } else { return $view->model; } } /** * Gets the ID of the currently-used model of the rendering context. * * @return mixed */ function modelID() { $view =& ClassRegistry::getObject('view'); return $view->modelId; } /** * Gets the currently-used model field of the rendering context. * * @return string */ function field() { $view =& ClassRegistry::getObject('view'); return $view->field; } /** * Returns false if given FORM field has no errors. Otherwise it returns the constant set in the array Model->validationErrors. * * @param string $model Model name as string * @param string $field Fieldname as string * @param integer $modelID Unique index identifying this record within the form * @return boolean True on errors. */ function tagIsInvalid($model = null, $field = null, $modelID = null) { $view =& ClassRegistry::getObject('view'); $errors = $this->validationErrors; $entity = $view->entity(); if (!empty($entity)) { return Set::extract($errors, join('.', $entity)); } } /** * Generates a DOM ID for the selected element, if one is not set. * * @param mixed $options * @param string $id * @return mixed */ function domId($options = null, $id = 'id') { $view =& ClassRegistry::getObject('view'); if (is_array($options) && array_key_exists($id, $options) && $options[$id] === null) { unset($options[$id]); return $options; } elseif (!is_array($options) && $options !== null) { $this->setEntity($options); return $this->domId(); } $entity = $view->entity(); $model = array_shift($entity); $dom = $model . join('',array_map(array('Inflector','camelize'),$entity)); if (is_array($options) && !array_key_exists($id, $options)) { $options[$id] = $dom; } elseif ($options === null) { return $dom; } return $options; } /** * Gets the input field name for the current tag * * @param array $options * @param string $key * @return array * @access protected */ function _name($options = array(), $field = null, $key = 'name') { $view =& ClassRegistry::getObject('view'); if ($options === null) { $options = array(); } elseif (is_string($options)) { $field = $options; $options = 0; } if (!empty($field)) { $this->setEntity($field); } if (is_array($options) && array_key_exists($key, $options)) { return $options; } switch ($field) { case '_method': $name = $field; break; default: $name = 'data[' . join('][', $view->entity()) . ']'; break; } if (is_array($options)) { $options[$key] = $name; return $options; } else { return $name; } } /** * Gets the data for the current tag * * @param array $options * @param string $key * @return array * @access public */ function value($options = array(), $field = null, $key = 'value') { if ($options === null) { $options = array(); } elseif (is_string($options)) { $field = $options; $options = 0; } if (is_array($options) && isset($options[$key])) { return $options; } if (!empty($field)) { $this->setEntity($field); } $view =& ClassRegistry::getObject('view'); $result = null; $entity = $view->entity(); if (!empty($this->data) && !empty($entity)) { $result = Set::extract($this->data, join('.', $entity)); } $habtmKey = $this->field(); if (empty($result) && isset($this->data[$habtmKey][$habtmKey])) { $result = $this->data[$habtmKey][$habtmKey]; } elseif (empty($result) && isset($this->data[$habtmKey]) && is_array($this->data[$habtmKey])) { if (ClassRegistry::isKeySet($habtmKey)) { $model =& ClassRegistry::getObject($habtmKey); $result = $this->__selectedArray($this->data[$habtmKey], $model->primaryKey); } } if (is_array($result)) { if (array_key_exists($view->fieldSuffix, $result)) { $result = $result[$view->fieldSuffix]; } } if (is_array($options)) { if (empty($result) && isset($options['default'])) { $result = $options['default']; } unset($options['default']); } if (is_array($options)) { $options[$key] = $result; return $options; } else { return $result; } } /** * Sets the defaults for an input tag * * @param array $options * @param string $key * @return array * @access protected */ function _initInputField($field, $options = array()) { if ($field !== null) { $this->setEntity($field); } $options = (array)$options; $options = $this->_name($options); $options = $this->value($options); $options = $this->domId($options); if ($this->tagIsInvalid()) { $options = $this->addClass($options, 'form-error'); } return $options; } /** * Adds the given class to the element options * * @param array $options * @param string $class * @param string $key * @return array */ function addClass($options = array(), $class = null, $key = 'class') { if (isset($options[$key]) && trim($options[$key]) != '') { $options[$key] .= ' ' . $class; } else { $options[$key] = $class; } return $options; } /** * Returns a string generated by a helper method * * This method can be overridden in subclasses to do generalized output post-processing * * @param string $str String to be output. * @return string */ function output($str) { return $str; } /** * Before render callback. Overridden in subclasses. * */ function beforeRender() { } /** * After render callback. Overridden in subclasses. * */ function afterRender() { } /** * Before layout callback. Overridden in subclasses. * */ function beforeLayout() { } /** * After layout callback. Overridden in subclasses. * */ function afterLayout() { } /** * Transforms a recordset from a hasAndBelongsToMany association to a list of selected * options for a multiple select element * * @param mixed $data * @param string $key * @return array * @access private */ function __selectedArray($data, $key = 'id') { if (!is_array($data)) { $model = $data; if (!empty($this->data[$model][$model])) { return $this->data[$model][$model]; } if (!empty($this->data[$model])) { $data = $this->data[$model]; } } $array = array(); if (!empty($data)) { foreach ($data as $var) { $array[$var[$key]] = $var[$key]; } } return $array; } /** * Resets the vars used by Helper::clean() to null * * @access private */ function __reset() { $this->__tainted = null; $this->__cleaned = null; } /** * Removes harmful content from output * * @access private */ function __clean() { if (get_magic_quotes_gpc()) { $this->__cleaned = stripslashes($this->__tainted); } else { $this->__cleaned = $this->__tainted; } $this->__cleaned = str_replace(array("&", "<", ">"), array("&amp;", "&lt;", "&gt;"), $this->__cleaned); $this->__cleaned = preg_replace('#(&\#*\w+)[\x00-\x20]+;#u', "$1;", $this->__cleaned); $this->__cleaned = preg_replace('#(&\#x*)([0-9A-F]+);*#iu', "$1$2;", $this->__cleaned); $this->__cleaned = html_entity_decode($this->__cleaned, ENT_COMPAT, "UTF-8"); $this->__cleaned = preg_replace('#(<[^>]+[\x00-\x20\"\'\/])(on|xmlns)[^>]*>#iUu', "$1>", $this->__cleaned); $this->__cleaned = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu', '$1=$2nojavascript...', $this->__cleaned); $this->__cleaned = preg_replace('#([a-z]*)[\x00-\x20]*=([\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu', '$1=$2novbscript...', $this->__cleaned); $this->__cleaned = preg_replace('#([a-z]*)[\x00-\x20]*=*([\'\"]*)[\x00-\x20]*-moz-binding[\x00-\x20]*:#iUu','$1=$2nomozbinding...', $this->__cleaned); $this->__cleaned = preg_replace('#([a-z]*)[\x00-\x20]*=([\'\"]*)[\x00-\x20]*data[\x00-\x20]*:#Uu', '$1=$2nodata...', $this->__cleaned); $this->__cleaned = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU', "$1>", $this->__cleaned); $this->__cleaned = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU', "$1>", $this->__cleaned); $this->__cleaned = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu', "$1>", $this->__cleaned); $this->__cleaned = preg_replace('#]*>#i', "", $this->__cleaned); do { $oldstring = $this->__cleaned; $this->__cleaned = preg_replace('#]*>#i', "", $this->__cleaned); } while ($oldstring != $this->__cleaned); $this->__cleaned = str_replace(array("&", "<", ">"), array("&amp;", "&lt;", "&gt;"), $this->__cleaned); } } ?>